Issue #610: Support provisioning Rocky Linux 8.4

Signed-off-by: abhishek-s-a <a_sa@dellteam.com>

control_plane/roles/control_plane_common/tasks/pre_requisite.yml

@@ -33,9 +33,12 @@
   tags: install
 
 - name: Check OS support
-  fail:
-    msg: "{{ os_status }}"
-  when: not(ansible_distribution == os_name and ansible_distribution_version >= os_version)
+  assert:
+    that:
+      - ( ansible_distribution | lower == os_supported_centos ) and ( ansible_distribution_version >= os_supported_centos_version ) or
+        ( ansible_distribution | lower == os_supported_rocky ) and ( ansible_distribution_version >= os_supported_rocky_version )
+    fail_msg: "{{ fail_os_status }}"
+    success_msg: "{{ success_os_status }}"
   register: os_value
   tags: install
 

control_plane/roles/control_plane_common/vars/main.yml

@@ -33,16 +33,20 @@ common_packages:
   - net-tools
   - python3-netaddr
   - yum-plugin-versionlock
+  - dos2unix
 
 # Usage: pre_requisite.yml
 internet_delay: 0
 internet_timeout: 10
 hostname: github.com
 port_no: 22
-os_name: CentOS
-os_version: '8.3'
+os_supported_centos: "centos"
+os_supported_rocky: "rocky"
+os_supported_centos_version: "8.3"
+os_supported_rocky_version: "8.4"
+fail_os_status: "Unsupported OS or OS version. OS should be {{ os_supported_centos }} {{ os_supported_centos_version }} or {{ os_supported_rocky }} {{ os_supported_rocky_version }}"
+success_os_status: "Management Station OS validated"
 internet_status: "Failed. No Internet connection. Make sure network is up."
-os_status: "Unsupported OS or OS version. OS should be {{ os_name }} and Version should be {{ os_version }} or more"
 selinux_status: "SElinux is not disabled. Disable it in /etc/sysconfig/selinux and reboot the system"
 ansible_python_version_status: "For CentOS 8.3, python bindings of firewalld, dnf, selinux are not available if python is installed from source and not from dnf. So please make sure python3.6 is installed using dnf. And ansible uses the python version 3.6 installed using dnf"
 python_version_support: '3.6.8'
@@ -100,12 +104,15 @@ success_msg_k8s_pod_network_cidr: "Appliance k8s pod network cidr validated"
 fail_msg_k8s_pod_network_cidr: "Failed. Incorrect appliance k8s pod network cidr provided in base_vars.yml"
 success_awx_organization: "awx organization validated"
 success_provision_method: "Provision method validated"
-fail_provision_method: "Failed. Provision method can either be set to idrac or pxe"
+fail_provision_method: "Failed. provision_method can either be set to idrac or PXE"
+stateless_provision_fail_msg: "Failed. provision_method should be PXE when provision_state is stateless"
 fail_awx_organization: "Failed. Incorrect format in awx organization"
 success_timezone_msg: "timezone validated"
 fail_timezone_msg: "Failed. Incorrect timezone provided. Please check the file timezone.txt in control_plane/roles/control_plane_common/files/ folder"
 fail_language: "Failed. Only en-US(english) language supported"
-invalid_iso_file_path: "Incorrect iso_file_path provided in base_vars.yml."
+invalid_iso_file_path: "Invalid iso_file_path provided in base_vars.yml. Make sure iso_file_path contains value mentioned in provision_os."
+missing_iso_file_path: "Incorrect iso_file_path provided in base_vars.yml. Make sure iso file is present in the provided iso_file_path."
+valid_iso_file_path: "iso_file_path validated"
 ethernet_switch_support_success_msg: "ethernet_switch_support validated"
 ethernet_switch_support_fail_msg: "Failed. ethernet_switch_support only accepts boolean values true or false"
 ib_switch_support_success_msg: "ib_switch_support validated"
@@ -129,6 +136,10 @@ success_msg_ib: "Infiniband variables validated"
 fail_msg_ib: "Failed. Please provide all the InfiniBand related parameters in base_vars.yml"
 success_msg_lease_time: "Default lease time validated"
 fail_msg_lease_time: "Failed. Please provide a valid default lease time"
+provision_os_success_msg: "provision_os validated"
+provision_os_fail_msg: "Failed. Incorrect provision_os selected. Supported OS are {{ os_supported_centos }} or {{ os_supported_rocky }}"
+provision_state_success_msg: "provision_state validated"
+provision_state_fail_msg: "Failed. Incorrect provision_state selected. Supported values are stateful or stateless"
 
 # Usage: fetch_sm_inputs.yml
 ib_config_file: "{{ role_path }}/../../input_params/ib_vars.yml"

control_plane/roles/control_plane_customiso/files/temp_rocky8.cfg

@@ -0,0 +1,59 @@
+#version=RHEL8
+
+# instllation method
+cdrom
+
+# SELinux configuration
+selinux --disabled
+
+# Firewall configuration
+firewall --disabled
+
+# text install
+text
+
+# Do not configure the X Window System
+skipx
+
+# Keyboard layouts
+keyboard us
+
+# System language
+lang ks_language
+
+# Network information
+network  --bootproto=dhcp --device=link --onboot=on --activate
+
+# Root password
+rootpw --iscrypted ks_password
+
+# System services
+services --enabled="chronyd"
+
+# System timezone
+timezone --utc ks_timezone
+
+# System bootloader configuration
+bootloader --location=mbr
+
+# Tell it to blow away the master boot record on the hard drive
+zerombr
+
+# Tell it to do a dumb move and blow away all partitions
+clearpart --all --initlabel
+
+# Auto partitiong
+autopart
+
+# Reboot after installation
+reboot
+
+%packages
+@core
+net-tools
+%end
+
+%post --log=/root/ks-post.log
+yum groupinstall "Infiniband Support" -y
+yum install infiniband-diags perftest qperf -y
+%end

control_plane/roles/control_plane_customiso/tasks/create_unattended_iso.yml

@@ -13,39 +13,68 @@
 #  limitations under the License.
 ---
 
-- name: Create custom ISO
-  command: >-
-    mkisofs -o /tmp/{{ unattended_iso_filename }} -b isolinux/isolinux.bin -c isolinux/boot.cat -no-emul-boot -boot-load-size 4
-    -boot-info-table -eltorito-alt-boot -e images/efiboot.img -no-emul-boot -J -R -V "CentOS 7 x86_64"  {{ tmp_iso_dir }}
-  changed_when: true
-  register: custom_iso_status
-  tags: install
-  args:
-    chdir: "{{ tmp_iso_dir }}"
+- name: ISO creation - centos
+  block:
+    - name: Create custom ISO
+      command: >-
+        mkisofs -o /tmp/{{ centos_iso_filename }} -b isolinux/isolinux.bin -c isolinux/boot.cat -no-emul-boot -boot-load-size 4
+        -boot-info-table -eltorito-alt-boot -e images/efiboot.img -no-emul-boot -J -R -V "CentOS 7 x86_64"  {{ tmp_iso_dir }}
+      changed_when: true
+      register: centos_iso_status
+      tags: install
+      args:
+        chdir: "{{ tmp_iso_dir }}"
 
-- name: Custom ISO creation status check
-  assert:
-    that:
-      - "'Total directory bytes:' in custom_iso_status.stderr"
-      - "'Path table size(bytes):' in custom_iso_status.stderr"
-      - "'Max brk space used' in custom_iso_status.stderr"
-      - "'extents written' in custom_iso_status.stderr"
-    success_msg: "{{ custom_iso_success_msg }}"
-    fail_msg: "{{ custom_iso_fail_msg }}"
-  register: iso_success_check
+    - name: Custom ISO creation status check
+      assert:
+        that:
+          - "'Total directory bytes:' in centos_iso_status.stderr"
+          - "'Path table size(bytes):' in centos_iso_status.stderr"
+          - "'Max brk space used' in centos_iso_status.stderr"
+          - "'extents written' in centos_iso_status.stderr"
+        success_msg: "{{ custom_iso_success_msg }}"
+        fail_msg: "{{ custom_iso_fail_msg }}"
+
+    - name: Copy ISO file to nfs share
+      copy:
+        src: "/tmp/{{ centos_iso_filename }}"
+        dest: "{{ nfs_share_offline_repo }}/{{ centos_iso_filename }}"
+        mode: preserve
+      tags: install
+  when: provision_os == os_supported_centos
+
+- name: ISO creation - rocky
+  block:
+    - name: Create custom ISO
+      command: >-
+        mkisofs -o /tmp/{{ rocky_iso_filename }} -b isolinux/isolinux.bin -c isolinux/boot.cat -no-emul-boot -boot-load-size 4
+        -boot-info-table -eltorito-alt-boot -e images/efiboot.img -no-emul-boot -J -R -V "Rocky-8-4-x86_64-dvd"  {{ tmp_iso_dir }}
+      changed_when: true
+      register: rocky_iso_status
+      tags: install
+      args:
+        chdir: "{{ tmp_iso_dir }}"
+
+    - name: Custom ISO creation status check
+      assert:
+        that:
+          - "'Total directory bytes:' in rocky_iso_status.stderr"
+          - "'Path table size(bytes):' in rocky_iso_status.stderr"
+          - "'Max brk space used' in rocky_iso_status.stderr"
+          - "'extents written' in rocky_iso_status.stderr"
+        success_msg: "{{ custom_iso_success_msg }}"
+        fail_msg: "{{ custom_iso_fail_msg }}"
+
+    - name: Copy ISO file to nfs share
+      copy:
+        src: "/tmp/{{ rocky_iso_filename }}"
+        dest: "{{ nfs_share_offline_repo }}/{{ rocky_iso_filename }}"
+        mode: preserve
+      tags: install
+  when: provision_os == os_supported_rocky
 
 - name: Remove the kickstart file
   file:
-    path: "{{ role_path }}/files/{{ kickstart_file }}"
+    path: "{{ role_path }}/files/{{ idrac_kickstart_file }}"
     state: absent
-  tags: install
-
-- name: Include control_plane_common vars
-  include_vars: ../../control_plane_common/vars/main.yml
-
-- name: Copy ISO file to nfs share
-  copy:
-    src: "/tmp/{{ unattended_iso_filename }}"
-    dest: "{{ nfs_share_offline_repo }}/{{ unattended_iso_filename }}"
-    mode: preserve
   tags: install

control_plane/roles/control_plane_customiso/vars/main.yml

@@ -17,30 +17,19 @@
 
 #Usage: check_prerequisites.yml
 iso_mount_path: /mnt/iso/
-iso_mount_check_fail_msg: "ISO file not mounted. Ensure /mnt/iso path is mounted with centos ISO file."
+iso_mount_check_fail_msg: "ISO file not mounted. Ensure /mnt/iso path is mounted with {{ provision_os }} ISO file."
 
 #Usage: edit_iso_config.yml
 tmp_iso_dir: /tmp/iso/
-kickstart_file: centos7.cfg
+idrac_centos_ks: centos7.cfg
+idrac_rocky_ks: rocky8.cfg
 file_permission: 0744
 isolinux_cfg_path: isolinux/isolinux.cfg
 grub_cfg_path: EFI/BOOT/grub.cfg
-host_nic:
- - em1
- - em2
- - em3
- - em4
- - p4p1
- - p4p2
- - p3p1
- - p3p2
- - p2p1
- - p2p2
- - p1p2
- - p1p1
 
 #Usage: create_unattended_iso.yml
-unattended_iso_filename: unattended_centos7.iso
+centos_iso_filename: unattended_centos7.iso
+rocky_iso_filename: unattended_rocky8.iso
 custom_iso_success_msg: "Unattended ISO file created successfully"
 custom_iso_fail_msg: "Unattended ISO file creation failed. Ensure /mnt/iso path is mounted with valid centos minimal ISO file."
-management_station_ip_file: "management_station_ip.txt"
+management_station_ip_file: "management_station_ip.txt"

control_plane/roles/control_plane_device/tasks/check_prerequisites.yml

@@ -39,7 +39,7 @@
       verbosity: 2
 
 - name: Inspect the mngmnt_network_container image
-  command: "buildah images {{ mngmnt_network_image_name }}"
+  command: "buildah images"
   register: mngmnt_network_container_image_result
   failed_when: false
   changed_when: false
@@ -55,7 +55,7 @@
 - name: Update mngmnt_network_container image status
   set_fact:
     mngmnt_network_container_image_status: true
-  when: "'No such image' not in mngmnt_network_container_image_result.stderr"
+  when: mngmnt_network_image_name in mngmnt_network_container_image_result.stdout
   tags: install
 
 - name: Update mngmnt_network_container container status

control_plane/roles/control_plane_ib/tasks/check_prerequisites.yml

@@ -40,7 +40,7 @@
       verbosity: 2
 
 - name: Inspect the infiniband_container image
-  command: "buildah images {{ infiniband_image_name }}"
+  command: "buildah images"
   register: infiniband_container_image_result
   failed_when: false
   changed_when: false
@@ -56,11 +56,11 @@
 - name: Update infiniband_container image status
   set_fact:
     infiniband_container_image_status: true
-  when: "'No such image' not in infiniband_container_image_result.stderr"
+  when: infiniband_image_name in infiniband_container_image_result.stdout
   tags: install
 
 - name: Update infiniband_container container status
   set_fact:
     infiniband_container_status: true
   when: "'infiniband-container' in infiniband_container_result.stdout"
-  tags: install
+  tags: install

control_plane/roles/provision_cobbler/files/Dockerfile

@@ -11,7 +11,7 @@ RUN dnf update -y \
     && rm -rf /var/cache/dnf
 
 RUN dnf install -y git
-RUN git clone -b v3.2.1 https://github.com/cobbler/cobbler.git
+RUN git clone -b v3.2.2 https://github.com/cobbler/cobbler.git
 RUN cd cobbler/
 
 RUN mkdir /root/omnia
@@ -59,7 +59,6 @@ COPY .users.digest /etc/cobbler/users.digest
 COPY cobbler_configurations.yml /root
 COPY tftp.yml /root
 COPY inventory_creation.yml /root
-COPY centos7.ks /var/lib/cobbler/templates/
 
 EXPOSE 69 80 443 25151
 

control_plane/roles/provision_cobbler/files/cobbler_configurations.yml

@@ -17,9 +17,6 @@
   hosts: localhost
   connection: local
   gather_facts: false
-  vars:
-    name_iso: CentOS7
-    distro_name: CentOS7-x86_64
   tasks:
   - name: Inside cobbler container
     debug:
@@ -32,7 +29,7 @@
     changed_when: false
 
   - name: Install cobbler and cobbler-web
-    command: dnf install -y cobbler-3.2.1-1.el8.noarch.rpm cobbler-web-3.2.1-1.el8.noarch.rpm
+    command: dnf install -y cobbler-3.2.2-1.el8.noarch.rpm cobbler-web-3.2.2-1.el8.noarch.rpm
     args:
       chdir: /cobbler/rpm-build
     changed_when: false
@@ -98,12 +95,21 @@
     command: cobbler import --arch=x86_64 --path=/mnt --name="{{ name_iso }}"
     changed_when: false
 
-  - name: Kickstart profile
+  - name: Kickstart profile - centos
     copy:
-      src: "/var/lib/cobbler/templates/centos7.ks"
+      src: "/root/centos7.ks"
       dest: "/var/lib/cobbler/templates/sample.ks"
       mode: 0775
     tags: install
+    when: name_iso == "centos"
+
+  - name: Kickstart profile - rocky
+    copy:
+      src: "/root/rocky8.ks"
+      dest: "/var/lib/cobbler/templates/sample.ks"
+      mode: 0775
+    tags: install
+    when: name_iso == "rocky"
 
   - name: Pxe menu
     copy:
@@ -130,25 +136,15 @@
     command: cobbler sync
     changed_when: false 
 
-  - name: Restart cobbler
-    service:
-      name: cobblerd
-      state: restarted
-
-  - name: Restart httpdd
-    service:
-      name: httpd
-      state: restarted
-
-  - name: Restart xinetd
-    service:
-      name: xinetd
-      state: restarted
-
-  - name: Restart dhcpd
+  - name: Restart cobblerd, http, xinetd and dhcpd
     service:
-      name: dhcpd
+      name: "{{ item }}"
       state: restarted
+    loop:
+      - cobblerd
+      - httpd
+      - xinetd
+      - dhcpd
 
   - name: Fetch ansible-playbook path
     command: whereis ansible-playbook

control_plane/roles/provision_cobbler/files/temp_centos7.ks

@@ -1,7 +1,7 @@
-#version=DEVEL
+#version=CENTOS7
 
 # Use network installation
-url --url http://ip/cblr/links/CentOS7-x86_64/
+url --url http://ip/cblr/links/centos-x86_64/
 
 # Install OS instead of upgrade
 install
@@ -32,7 +32,7 @@ lang en_US
 network  --bootproto=dhcp --device=link --onboot=on --activate
 
 # Root password
-rootpw --iscrypted password
+rootpw --iscrypted ks_password
 
 # System services
 services --enabled="chronyd"

control_plane/roles/provision_cobbler/files/temp_rocky8.ks

@@ -0,0 +1,59 @@
+#version=RHEL8
+
+# Use network installation
+url --url http://ip/cblr/links/rocky-x86_64/
+
+# SELinux configuration
+selinux --disabled
+
+# Firewall configuration
+firewall --disabled
+
+# text install
+text
+
+# Do not configure the X Window System
+skipx
+
+# Keyboard layouts
+keyboard us
+
+# System language
+lang ks_language
+
+# Network information
+network  --bootproto=dhcp --device=link --onboot=on --activate
+
+# Root password
+rootpw --iscrypted ks_password
+
+# System services
+services --enabled="chronyd"
+
+# System timezone
+timezone --utc ks_timezone
+
+# System bootloader configuration
+bootloader --location=mbr
+
+# Tell it to blow away the master boot record on the hard drive
+zerombr
+
+# Tell it to do a dumb move and blow away all partitions
+clearpart --all --initlabel
+
+# Auto partitioning
+autopart
+
+# Reboot after installation
+reboot
+
+%packages
+@core
+net-tools
+%end
+
+%post --log=/root/ks-post.log
+yum groupinstall "Infiniband Support" -y
+yum install infiniband-diags perftest qperf -y
+%end

control_plane/roles/provision_cobbler/tasks/check_prerequisites.yml

@@ -22,6 +22,16 @@
     new_node_status: false
   tags: install
 
+- name: Set centos kickstart file name
+  set_fact:
+    cobbler_kickstart_file: "{{ cobbler_centos_ks }}"
+  when: provision_os == os_supported_centos
+
+- name: Set rocky kickstart file name
+  set_fact:
+    cobbler_kickstart_file: "{{ cobbler_rocky_ks }}"
+  when: provision_os == os_supported_rocky
+
 - name: Check if any backup file exists
   block:
   - name: Check status of backup file
@@ -47,17 +57,17 @@
 - name: Create namespace network-config
   command: kubectl create namespace cobbler
   changed_when: true
-  when: "'cobbler' not in k8s_namespaces.stdout"
+  when: cobbler_namespace not in k8s_namespaces.stdout
 
 - name: Inspect the cobbler image
-  command: "buildah images {{ cobbler_image_name }}"
+  command: buildah images
   register: cobbler_image_result
   failed_when: false
   changed_when: false
   tags: install
 
 - name: Check cobbler pod status on the machine
-  command: kubectl get pods -n cobbler
+  command: kubectl get pods -n {{ cobbler_namespace }}
   register: cobbler_pod_result
   failed_when: false
   changed_when: false
@@ -66,7 +76,7 @@
 - name: Update cobbler image status
   set_fact:
     cobbler_image_status: true
-  when: "'No such image' not in cobbler_image_result.stderr"
+  when: cobbler_image_name in cobbler_image_result.stdout
   tags: install
 
 - name: Update cobbler container status
@@ -76,21 +86,21 @@
   tags: install
 
 - name: Get cobbler pod name
-  command: 'kubectl get pod -n cobbler -l app=cobbler -o jsonpath="{.items[0].metadata.name}"'
+  command: 'kubectl get pod -n {{ cobbler_namespace }} -l app=cobbler -o jsonpath="{.items[0].metadata.name}"'
   changed_when: false
   register: cobbler_pod_name
   when: cobbler_container_status
   tags: install
 
 - name: Fetch cobbler profile list
-  command: "kubectl exec --stdin --tty -n cobbler {{ cobbler_pod_name.stdout }} -- cobbler profile list"
+  command: "kubectl exec --stdin --tty -n {{ cobbler_namespace }} {{ cobbler_pod_name.stdout }} -- cobbler profile list"
   changed_when: false
   register: cobbler_profile_list
   failed_when: false
   when: cobbler_container_status
 
 - name: Check crontab list
-  command: "kubectl exec --stdin --tty -n cobbler {{ cobbler_pod_name.stdout }} -- crontab -l"
+  command: "kubectl exec --stdin --tty -n {{ cobbler_namespace }} {{ cobbler_pod_name.stdout }} -- crontab -l"
   changed_when: false
   register: crontab_list
   failed_when: false
@@ -101,6 +111,6 @@
     cobbler_config_status: true
   when:
     - cobbler_container_status
-    - "'CentOS' in cobbler_profile_list.stdout"
+    - provision_os in cobbler_profile_list.stdout
     - "'* * * * * /usr/bin/ansible-playbook /root/tftp.yml' in crontab_list.stdout"
     - "'*/5 * * * * /usr/bin/ansible-playbook /root/inventory_creation.yml' in crontab_list.stdout"

control_plane/roles/provision_cobbler/tasks/configure_cobbler.yml

@@ -20,18 +20,27 @@
   when: cobbler_container_status and not cobbler_config_status
 
 - name: Wait for cobbler pod to come to ready state
-  command: kubectl wait --for=condition=ready -n cobbler pod -l app=cobbler
+  command: kubectl wait --for=condition=ready -n {{ cobbler_namespace }} pod -l app=cobbler
   changed_when: false
   tags: install
 
 - name: Get cobbler pod name
-  command: 'kubectl get pod -n cobbler -l app=cobbler -o jsonpath="{.items[0].metadata.name}"'
+  command: 'kubectl get pod -n {{ cobbler_namespace }} -l app=cobbler -o jsonpath="{.items[0].metadata.name}"'
   changed_when: false
   register: cobbler_pod_name
   tags: install
 
+- name: Wait for 30 seconds to get cobbler pod ready
+  wait_for:
+    timeout: 30
+
+- name: Copy dhcpd.leases from cobbler
+  command: kubectl cp {{ role_path}}/files/{{ cobbler_kickstart_file }} {{ cobbler_pod_name.stdout }}:/root/{{ cobbler_kickstart_file }} -n {{ cobbler_namespace }}
+  changed_when: true
+  when: not cobbler_config_status
+
 - name: Configuring cobbler inside container (It may take 5-10 mins)
-  command: "kubectl exec --stdin --tty -n cobbler {{ cobbler_pod_name.stdout }} -- ansible-playbook /root/cobbler_configurations.yml"
+  command: "kubectl exec --stdin --tty -n {{ cobbler_namespace }} {{ cobbler_pod_name.stdout }} -- ansible-playbook /root/cobbler_configurations.yml -e name_iso={{ provision_os }}"
   changed_when: true
   tags: install
   when: not cobbler_config_status
@@ -45,7 +54,7 @@
   when: not cobbler_config_status
 
 - name: Execute cobbler sync in cobbler container
-  command: 'kubectl exec --stdin --tty -n cobbler {{ cobbler_pod_name.stdout }} -- cobbler sync'
+  command: 'kubectl exec --stdin --tty -n {{ cobbler_namespace }} {{ cobbler_pod_name.stdout }} -- cobbler sync'
   changed_when: true
   when: cobbler_config_status
 
@@ -57,5 +66,5 @@
     - "{{ role_path }}/files/.users.digest"
     - "{{ role_path }}/files/dhcp.template"
     - "{{ role_path }}/files/settings"
-    - "{{ role_path }}/files/centos7.ks"
+    - "{{ role_path }}/files/{{ cobbler_kickstart_file }}"
     - "{{ role_path }}/files/temp_host_mapping_file.csv.bak"

control_plane/roles/provision_cobbler/tasks/mapping_file.yml

@@ -71,21 +71,21 @@
     mode: 0644
 
 - name: Get cobbler pod name
-  command: 'kubectl get pod -n cobbler -l app=cobbler -o jsonpath="{.items[0].metadata.name}"'
+  command: 'kubectl get pod -n {{ cobbler_namespace }} -l app=cobbler -o jsonpath="{.items[0].metadata.name}"'
   changed_when: false
   register: cobbler_pod_name
   when: cobbler_container_status
   tags: install
 
 - name: Copy the dhcp.template inside container
-  command: 'kubectl exec --stdin --tty -n cobbler {{ cobbler_pod_name.stdout }} \
+  command: 'kubectl exec --stdin --tty -n {{ cobbler_namespace }} {{ cobbler_pod_name.stdout }} \
     -- cp /root/omnia/control_plane/roles/provision_cobbler/files/dhcp.template /etc/cobbler/dhcp.template'
   when:  ( cobbler_container_status ) and ( new_node_status )
 
 - name: Cobbler sync for adding new nodes
-  command: 'kubectl exec --stdin --tty -n cobbler {{ cobbler_pod_name.stdout }} -- cobbler sync'
+  command: 'kubectl exec --stdin --tty -n {{ cobbler_namespace }} {{ cobbler_pod_name.stdout }} -- cobbler sync'
   when:  ( cobbler_container_status ) and ( new_node_status )
 
 - name: Restart dhcpd
-  command: 'kubectl exec --stdin --tty -n cobbler {{ cobbler_pod_name.stdout }} -- systemctl restart dhcpd'
+  command: 'kubectl exec --stdin --tty -n {{ cobbler_namespace }} {{ cobbler_pod_name.stdout }} -- systemctl restart dhcpd'
   when:  ( cobbler_container_status ) and ( new_node_status )

control_plane/roles/provision_cobbler/vars/main.yml

@@ -15,12 +15,11 @@
 
 # vars file for provision
 
-#Usage: mapping_file.yml
+# Usage: mapping_file.yml
 temp_host_mapping_file: "{{ role_path }}/files/new_host_mapping_file.csv"
 
-#Usage: check_prerequisite.yml
-iso_name: CentOS-7-x86_64-Minimal-2009.iso
-iso_fail: "Iso file not found. Download and copy the iso file to omnia/control_plane/roles/provision_cobbler/files"
+# Usage: check_prerequisite.yml
+cobbler_namespace: cobbler
 
 # Usage: provision_password.yml
 provision_encrypted_dest: ../files/
@@ -29,7 +28,9 @@ base_file: "{{ role_path }}/../../input_params/base_vars.yml"
 login_vault_file: "{{ role_path }}/../../input_params/.login_vault_key"
 username: cobbler
 user_mode: 0644
-host_nic:
+cobbler_centos_ks: centos7.ks
+cobbler_rocky_ks: rocky8.ks
+centos_host_nic:
  - em1
  - em2
  - em3
@@ -42,6 +43,19 @@ host_nic:
  - p2p2
  - p1p2
  - p1p1
+rocky_host_nic:
+ - eno1
+ - eno2
+ - eno3
+ - eno4
+ - ens4f0
+ - ens4f1
+ - ens3f0
+ - ens3f1
+ - ens2f0
+ - ens2f1
+ - ens1f0
+ - ens1f1
 
 # Usage: cobbler_image.yml
 cobbler_image_name: cobbler
@@ -52,4 +66,4 @@ message_skipped: "Installation Skipped: Cobbler instance is already running in y
 message_installed: "Installation Successful"
 
 # Usage: mount_iso.yml
-iso_dir_name: iso
+iso_dir_name: iso

control_plane/roles/provision_idrac/tasks/check_prerequisites.yml

@@ -193,11 +193,14 @@
             - '"Healthy" in idrac_info.system_info.License[my_idx2].PrimaryStatus'
           loop_control:
             index_var: my_idx2
-      when: idrac_info.system_info.License is defined
+      when: 
+        - provision_state == "stateful"
+        - provision_method == provision_method_idrac
+        - idrac_info.system_info.License is defined 
 
-    - name: Change provision mode in absence of license
+    - name: Change provision mode to PXE
       set_fact:
-        provision_method: "pxe"
+        provision_method: "{{ provision_method_pxe }}"
       when: not (enterprise_license or datacenter_license)
 
     - name: Firmware version of iDRAC9 not supported
@@ -237,4 +240,4 @@
       when:
         - nfs_check_key in nfs_check.msg or
           nfs_check_key in nfs_check.scp_status.Status
-  when: not provision_status
+  when: not provision_status

control_plane/roles/provision_idrac/tasks/fetch_idrac_credentials.yml

@@ -39,4 +39,9 @@
     --vault-password-file {{ login_vault_filename }}
   changed_when: false
   when: "'$ANSIBLE_VAULT;' in config_content.stdout"
-  run_once: true
+  run_once: true
+
+- name: Update {{ login_input_filename }} permission
+  file:
+    path: "{{ login_input_filename }}"
+    mode: "{{ file_permission }}"

control_plane/roles/provision_idrac/tasks/import_scp.yml

@@ -53,7 +53,7 @@
     - '  <Attribute Name="HttpDev2EnDis">Disabled</Attribute>'
     - '  <Attribute Name="HttpDev3EnDis">Disabled</Attribute>'
     - '  <Attribute Name="HttpDev4EnDis">Disabled</Attribute>'
-  when: provision_method == "pxe"
+  when: provision_method == provision_method_pxe
   run_once: true
 
 - name: Disable PXE attributes to SCP file
@@ -66,7 +66,7 @@
     - '  <Attribute Name="PxeDev2EnDis">Disabled</Attribute>'
     - '  <Attribute Name="PxeDev3EnDis">Disabled</Attribute>'
     - '  <Attribute Name="PxeDev4EnDis">Disabled</Attribute>'
-  when: provision_method == "idrac"
+  when: provision_method == provision_method_idrac
   run_once: true
 
 - name: Add SNMP community name attribute to SCP file
@@ -87,21 +87,26 @@
   when: snmp_trap_status
   run_once: true
 
-- name: Import SCP from a local path and wait for this job to get completed
-  dellemc.openmanage.idrac_server_config_profile:
-    idrac_ip: "{{ inventory_hostname }}"
-    idrac_user: "{{ idrac_username }}"
-    idrac_password: "{{ idrac_password }}"
-    share_name: "{{ role_path }}/files/"
-    command: "import"
-    scp_file: "{{ scp_filename }}"
-    scp_components: "ALL"
-    shutdown_type: "Forced"
-    job_wait: "True"
-  register: import_scp_status
-  until: not import_scp_status.failed
-  retries: "{{ retries_count }}"
-  
+- block:
+    - name: Import SCP from a local path and wait for this job to get completed
+      dellemc.openmanage.idrac_server_config_profile:
+        idrac_ip: "{{ inventory_hostname }}"
+        idrac_user: "{{ idrac_username }}"
+        idrac_password: "{{ idrac_password }}"
+        share_name: "{{ role_path }}/files/"
+        command: "import"
+        scp_file: "{{ scp_filename }}"
+        scp_components: "ALL"
+        shutdown_type: "Forced"
+        job_wait: "True"
+      register: import_scp_status
+      until: not import_scp_status.failed
+      retries: "{{ retries_count }}"
+  rescue:
+    - name: Import SCP failed
+      fail:
+        msg: "{{ import_scp_fail_msg }}"
+        
 - name: Remove the SCP file
   file:
     path: "{{ role_path }}/files/{{ scp_filename }}"

control_plane/roles/provision_idrac/tasks/main.yml

@@ -33,7 +33,9 @@
 
 - name: Create VD
   include_tasks: create_vd.yml
-  when: not provision_status
+  when: 
+     - not provision_status
+     - provision_state == "stateful"
 
 - name: Deploy OS
   include_tasks: deploy_os.yml

control_plane/roles/provision_idrac/vars/main.yml

@@ -49,15 +49,18 @@ idrac9_firmware_not_supported_msg: "[WARNING]Firmware version of iDRAC9 less tha
 idrac8_supported_version: "2.75.75.75"
 idrac8_firmware_not_supported_msg: "[WARNING]Firmware version of iDRAC8 less than 2.75.75.75 is not supported for provisioning. Following tasks can be failed due to older firmware version. In case of failure, update firmware manually and re-run the idrac_template"
 retries_count: 5
+provision_method_idrac: "idrac"
+provision_method_pxe: "PXE"
 
 # Usage: update_firmware.yml
 idrac_port: 443
 idrac_error_message: "Unable to complete the operation because the catalog name entered has either unsupported firmware packages or same version installed on the server"
-firmware_job_fail_msg: "Failed. Error occurred while updating firmware"
+firmware_job_fail_msg: "Failed. Error occured while updating firmware"
 firmware_job_success_msg: "Firmware update job compeleted successfully"
 
 # Usage: import_scp.yml
 scp_filename: idrac_scp.xml
+import_scp_fail_msg: "Import scp failed. This could be due to older bios, idrac version or due to pending lc tasks."
 
 # Usage: create_vd.yml
 raid_level: "RAID 0"
@@ -66,3 +69,6 @@ raid_level: "RAID 0"
 expose_duration: 60
 file_permission: 0644
 provision_os_msg: "OS provisioning is initiated. Wait for installation to complete for all servers."
+idrac_provisioning_fail_msg: "OS provisioning using iDRAC is failed. This could be due to older firmware or some internal issues with server. Re-run idrac_template after fixing the issue"
+pxe_provisioning_fail_msg: "OS provisioning using PXE is failed. This could be due some internal issues with server. Re-run idrac_template after fixing the issue"
+add_inventory_fail_msg: "Failed. Unable to add provisioned host to provisioned_idrac_inventory."

docs/README.md

@@ -100,7 +100,7 @@ AWX	|	Apache-2.0	|	19.1.0	|	Web-based User Interface
 AWX.AWX	|	Apache-2.0	|	19.1.0	|	Galaxy collection to perform awx configuration
 AWXkit	|	Apache-2.0	|	to be updated	|	To perform configuration through CLI commands
 Cri-o	|	Apache-2.0	|	1.21	|	Container Service
-Buildah	|	Apache-2.0	|	1.19.8	|	Tool to build and run container
+Buildah	|	Apache-2.0	|	1.21.4	|	Tool to build and run container
 PostgreSQL	|	Copyright (c) 1996-2020, PostgreSQL Global Development Group	|	10.15	|	Database Management System
 Redis	|	BSD-3-Clause License	|	6.0.10	|	In-memory database
 NGINX	|	BSD-2-Clause License	|	1.14	|	-